|
[1]D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, &N. Weaver(2003). Inside the slammer worm. IEEE Security and Privacy, 1(4), 33-39. [2]http://www.caida.org/publications/papers/2003/sapphire/sapphire.html [3]D. Dagon, X. Qin, G. Gu, W. Lee, J. Grizzard, J. Levine, &H. Owen (2004). HoneyStat: LocalWorm detection using honeypots. 2004 7th International Symposium, RAID 2004, Sophia Antipolis, France, 39-58. [4]http://www.honeynet.org/ [5]http://www.cert.org.tw/document/column/show.php?key=42 [6]S. Staniford, D. Moore, V. Paxson, &N. Weaver (2004). The top speed of flash worms. 2004 ACM Workshop On Rapid Malcode (WORM), 33-42. [7]Cliff C. Zou, D. Towsley, W. Gong, &S. Cai (2005). Routing worm: A fast, selective attack worm based on IP address information. ACM 19th Workshop on Principles of Advanced and Distributed Simulation, 199-206. [8]B. Madhusudan, &J. Lockwood (2004). Design of a system for real-time worm detection. Hot Interconnects, Stanford, CA , 77–83. [9]C. C. Zou, L. Gao, W. Gong, &D. Towsley(2003). Monitoring and early warning for internet worms. 2003 10th ACM Conference on Computer and Communications Security, 190-199. [10]http://www.cs.unc.edu/~welch/kalman/#Anchor-48213 [11]Guofei Gu, M. Sharif, Xinzhou Qin, D. Dagon, W. Lee, &G. Riley (2004). Worm detection, early warning and response based on local victim information. IEEE Computer Security Applications Conference, 2004, 20th Annual, 136-145. [12]Christian Kreibich, &Jon Crowcroft (2004). Honeycomb: Creating intrusion detection signatures using honeypots. 2004 ACM SIGCOMM Computer Communication Review archive, 34(1) , 51-56. [13]http://www-igm.univ-mlv.fr/~lecroq/seqcomp/node4.html [14]http://www.tcpdump.org/ [15]http://www.netfilter.org/
|